From 82165a0cf0e4f9d6f22cea44d77695a82d995352 Mon Sep 17 00:00:00 2001
From: Tim Hunt <T.J.Hunt@open.ac.uk>
Date: Mon, 2 Nov 2009 17:10:31 +0000
Subject: [PATCH] quiz: MDL-20706 prevent XSRF. Uses new require_sesskey
 function from MDL-20702.

---
 mod/quiz/processattempt.php | 2 +-
 mod/quiz/review.php         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/mod/quiz/processattempt.php b/mod/quiz/processattempt.php
index cbabdc5094..fef967d8cf 100644
--- a/mod/quiz/processattempt.php
+++ b/mod/quiz/processattempt.php
@@ -44,7 +44,7 @@ if ($timeup) {
 
 /// Check login.
 require_login($attemptobj->get_courseid(), false, $attemptobj->get_cm());
-confirm_sesskey();
+require_sesskey();
 
 /// Check that this attempt belongs to this user.
 if ($attemptobj->get_userid() != $USER->id) {
diff --git a/mod/quiz/review.php b/mod/quiz/review.php
index 7eb76063ce..d744696a5f 100644
--- a/mod/quiz/review.php
+++ b/mod/quiz/review.php
@@ -62,7 +62,7 @@
 
 /// Save the flag states, if they are being changed.
     if ($options->flags == QUESTION_FLAGSEDITABLE && optional_param('savingflags', false, PARAM_BOOL)) {
-        confirm_sesskey();
+        require_sesskey();
         $formdata = data_submitted();
 
         question_save_flags($formdata, $attemptid, $questionids);
-- 
2.39.5